I'm a technology, privacy, and information security reporter and most recently the author of the book This Machine Kills Secrets, a chronicle of the history and future of information leaks, from the Pentagon Papers to WikiLeaks and beyond.
I've covered the hacker beat for Forbes since 2007, with frequent detours into digital miscellania like switches, servers, supercomputers, search, e-books, online censorship, robots, and China. My favorite stories are the ones where non-fiction resembles science fiction. My favorite sources usually have the word "research" in their titles.
Since I joined Forbes, this job has taken me from an autonomous car race in the California desert all the way to Beijing, where I wrote the first English-language cover story on the Chinese search billionaire Robin Li for Forbes Asia. Black hats, white hats, cyborgs, cyberspies, idiot savants and even CEOs are welcome to email me at agreenberg (at) forbes.com. My PGP public key can be found here.

No Smoking Gun In Hints That WikiLeaks Actively Stole Data

At midnight Wednesday night, Bloomberg posted a strongly-worded story that outlined hacking accusations against WikiLeaks, claiming that as many as half of its revelations have come not from insider whistleblowing, but from WikiLeaks itself actively siphoning information out of government networks via peer-to-peer filesharing networks like Limewire and Kazaa.

The source of those claims: A small company, headquartered on the outskirts of Pittsburgh, known as Tiversa. “WikiLeaks is doing searches themselves on file-sharing networks,” the company’s chief executive, Robert Boback, told Bloomberg. “It would be highly unlikely that someone else from Sweden is issuing those same types of searches resulting in that same type of information.”

Let’s be clear about what facts Tiversa is putting together: Someone stole secrets from the U.S. government via filesharing networks using four computers based in Sweden, including files that outlined a new naval sensor system and another that tracked Taliban leaders. Those files ended up on WikiLeaks. What’s missing in this story, crucially, is any evidence showing that those Swedish hackers are directly working for WikiLeaks, rather than merely acting as a few of the secret-spilling outfit’s multitude of sources worldwide.

In fact, in a phone interview with me today, Boback sounded distinctly less sure of his firm’s deductions than he did in the Bloomberg piece. “What we saw were people who were searching [computers connected to filesharing networks] for .xls, .doc, .pdf, and searching for those generic terms over and over again,” says Boback. “They had multiple Swedish IPs. Can I say that those are WikiLeaks? I can’t. But we can track the downloads of people doing that, and a short time after those files were downloaded, they’re listed on WikiLeaks.”

Boback, who says he’s working with a U.S. government investigation into possible peer-to-peer sources for WikiLeaks, says that he saw downloads of documents that later were posted to WikiLeaks from other countries too, both “in the U.S. and across Europe.” ”Many of the searches are in Sweden, many are outside,” adds Boback. “It’s hard for us to say that any IP address was WikiLeaks.”

Tiversa has connected some obvious dots: WikiLeaks has held much of its data in Sweden for years, due in part to the country’s strong source protection laws. But the company’s claims highlight just how tough it is to accuse WikiLeaks of actively stealing anything. The lines between WikiLeaks, its many hacker fans, and its sources are simply too hazy.

As of last count, the group had more than 1,200 volunteers around the world, most of whom communicate with WikiLeaks’ core staff only intermittently. As one measure of its supporters in Sweden, there are 23 different Swedish “mirrors” of WikiLeaks’ data among the 1,426 currently listed on WikiLeaks’ website. WikiLeaks has become a cause célèbre in hacker circles, and is known to have supporters in Germany’s grassroots hacker group the Chaos Computer Club. WikiLeakers and former WikiLeakers including Julian Assange, Daniel Domscheit-Berg, and Jacob Appelbaum have all spoken to admiring crowds at hacker conferences from Berlin to Malaysia.

It’s no surprise either that WikiLeaks publishes data from hackers or other outsider sources, in addition to its insider whistleblowers. Both the hacked emails regarding climate change from East Anglia University and others stolen from Sarah Palin’s Yahoo account have appeared on the site, passed on after clear cases of data-stealing intrusions.

On its current “about” page, WikiLeaks makes no claims that it’s soliciting data only from principled insiders. In fact, it says it doesn’t solicit information at all, only promising to “get the unvarnished truth out to the public” while safeguarding the identity of its sources.

Still, WikiLeaks’ latest bombshells, like the military documents and State Department cables allegedly leaked by Bradley Manning and the upcoming list of tax-sheltered Julius Baer clients in Switzerland, seem to have been the product of traditional whistleblowing, not hacking. Part of what has made WikiLeaks so much more effective than traditional hacking efforts, after all, is that whistleblowers with privileged accounts within computer networks are a far more efficient source of embarrassing data than hacking techniques such as random searches of filesharing networks. As Assange reminded me when we spoke in November: “Insiders know where the bodies are.”

Post Your Comment

Post Your Reply

Forbes writers have the ability to call out member comments they find particularly interesting. Called-out comments are highlighted across the Forbes network. You'll be notified if your comment is called out.

I simply don’t buy your take on this, Andy. I’m very glad for Bloomberg’s reporting on this and I await more information on this unfolding story.

You say,

“What’s missing in this story, crucially, is any evidence showing that those Swedish hackers are directly working for WikiLeaks, rather than merely acting as a few of the secret-spilling outfit’s multitude of sources worldwide.”

Nothing of the sort. For one, why would “merely acting as a few of the multitude of sources” somehow exonerate these hacktivists?!

Secondly, as you know, WikiLeaks is an anarchists’ cooperative without traditional accountability structures like “a board of trustees” or “a charter” or “a job description” or “an employee manual” or “a registered status” or “990 filings to the IRS” and so on. All those things would create a trail showing the complicity of a Swedish hacker to the organization’s crimes in soliciting — inciting hacking! — and publishing classified stolen documents.

Absent those mechanisms, all you have are chat logs and the liklihood that this fiercely-loyal tribal brotherhood of hackers pretending their networks are always “loose” are only as strong as the weakest link which breaks down and turns state’s evidence — which is how Bradley Manning could be arrested.

Everything hinges on your belief that these Swedish hackers act in good faith, and have no ties per se to WikiLeaks, or that they are “good citizens” and act on “good faith”. But that’s silly — they don’t. It *is* a conspiracy as Assange himself amply explains in his writings, and it is one where people understand their implicit goals and join and take action consistent with those goals and therefore are in fact related to the strong personalities in the group disseminating those goals.

And they lie, these hackers, as we just saw in your report on these pages about the hacker caught by the FBI. Baked into the hacker culture is the elaborate subterfuge about the criminality of hacking itself — they are always about distracting from the true nature of their actions, which are criminal.

And aren’t you coy, saying that WikiLeaks doesn’t solicit information. That’s like saying prostitutes walking on certain corners on the wrong side of the tracks in front of certain budget hotels aren’t soliciting clients, either.

It’s all pretty fake, Andy, and I marvel that your own barely-concealed hactivist views are hardly congruent with the traditions of the Capitalist Tool here.

catfitz40. Your references to IRS 990 does not apply here. It alarms me that we Americans seem to believe that peoples of other country’s are bound by our laws. The Internet is a global endeavor. Thinking that anyone that uses it, falls under the purview of American law needs to get a grip.

I find it interesting that Tiversa can track what private citizens are downloading and uploading. Just who authorized this activity and what law gives it permission to do that? Furthermore can I have a copy of that software? I’d like to know what all my X wives that live in Texas are downloading and uploading. Maybe they are making money they have not told me about and therefore possibly a refund on child support payments I’ve made to them. I Now going to do a “WHOIS” on Tiversa.

greglbean. I’ve come to the sad conclusion that contrary to my own belief that I was internet savvy. I am really an idiot. I actually believed that after starting an ISP with a friend back in An Internet starved area of Ohio that I knew a little bit about it’s limitations and capability’s. Well after reading this article and then the Bloomeberg one. I’ve concluded that nothing I say and do on the net is safe or private in any way shape fashion or form. How Sad.. sigh

@ron wilson Internet comment sections are famous for this sort of Fisking and literalism. Just because I’ve cited the kinds of things that make organizations accountable in American terms like 990s doesn’t mean I expect the world to fall under American law or practices, that’s silly. There are equivalent accountability mechanisms in Sweden or the UK or many other questions so it’s silly to make this kind of quibble.

Furthermore, your friend WikiLeaks sought to do business with American companies, Amazon and Paypal. So it’s reasonable to ask what kind of operation they run, and whether it is accountable as to registration, banking, etc. It seems it is not. It seems it is just a sort of anarchist cooperative run like a partisan band or a tribe with the all-powerful leader and strongman deciding everything despite all the claims to “looseknit” status. Indeed, like so many authoritarian open-source projects, it has already forked because two strongmen couldn’t get along.

I’m also fascinated to see how indignant you get over this firm tracking “what private citizens are doing” — if that’s the case — yet you don’t have a thought in your head about your lovely Swedish hacker pals trawling and scraping and grabbing people’s stuff from these networks. How do you account for that, Ron?

Greg, the U.S. government doesn’t have to prove that WikiLeaks engaged in hacking or incitement of hacking to take some action against it, possibly sanctions, if they can’t get this old 1917 law on espionage to apply. They can find that this operation worked against national security and decide to prosecute it anyway. And just because their case might be strengthened by finding actual hacking doesn’t mean that they themselves have faked this up in a sting operation. BTW, the FBI uses stings all the time in terrorism cases, and prosecution sticks regardless, although this method is indeed questioned by some.

catfitz40 part 1 I don’t condone hacking into private peoples PC’s by anyone. wikileaks or Tiversa or govt. agency’s. Not even under the “National Security” umbrella. This much I do believe and I’ve drawn a line in the sand on it.

We the people of the Republic of America, are having our United States of America sold to the highest bidder by a group of traitors. And since they are also in control of our Military and all Policing agency’s ie FBI, CIA, TSA, Homeland Security and etc. That places me, my family, and you and your family exactly where? Does the word crosshairs mean anything to you? The internet and organizations like wikileaks could be all that stands between those forces that would blur the line between Our Nation State and making us subjects of the UN and their New World Order a reality.

I’ll be 62 in 10 days and I remember The “Bay Of Tonkin” that never happened. I remember the five of eleven of my closet high school buddy’s that didn’t come back from Viet Nam. I also remember the “Melai Massacre” that after it’s disclosure, prompted our government to institute policy’s and programs that would insure that whistleblowers like Private Manning would have a safe haven to rely on. Which it appears now was nothing more than smoke,mirrors and lies.

Catfitz40 part 2 I screamed, ranted and raved as I watched the trump up to war with Iraq. I sat on the floor crying during “SHOCK and AWE”. I cried for the innocents that were and are being killed daily. And I cry for our kids that are there now in harms way. losing life and limb. For what, faked incubator baby deaths and non-existant weapons of mass distraction? I’ll tell you what else I do. When I roll up to the stop sign on a freeway off ramp. And there is an old guilt ridden brain broken Viet Nam veteran standing there with a sign that says “HOMELESS” or “WILL WORK FOR FOOD” I stop, roll down my window and if I have money I give. If I don’t I let him know that I care. Just think. There is a whole new batch of replacement for him on the way to a freeway in a town near you soon.

In the meantime I’ll go crawl in bed with my lovely Swedish Hackers and you can go crawl back in bed with those you seem to have allied yourself with.